Swap bitfield3 and backpointer.

src/ia32/macro-assembler-ia32.cc

 // Copyright 2012 the V8 project authors. All rights reserved.
 // Redistribution and use in source and binary forms, with or without
 // modification, are permitted provided that the following conditions are
 // met:
 //
 //     * Redistributions of source code must retain the above copyright
 //       notice, this list of conditions and the following disclaimer.
 //     * Redistributions in binary form must reproduce the above
 //       copyright notice, this list of conditions and the following
 //       disclaimer in the documentation and/or other materials provided
@@ skipping 651 matching lines @@
   bind(&ok);
 }
 
 
 void MacroAssembler::AbortIfNotSmi(Register object) {
   test(object, Immediate(kSmiTagMask));
   Assert(equal, "Operand is not a smi");
 }
 
 
+void MacroAssembler::AbortIfNotFixedArray(Register object) {
+  Label ok, fail;
+  CheckMap(object,
+           isolate()->factory()->fixed_array_map(),
+           &fail,
+           DONT_DO_SMI_CHECK);
+  jmp(&ok);
+  bind(&fail);
+  Abort("Operand is not a fixed array");
+  bind(&ok);
+}
+
+
 void MacroAssembler::AbortIfNotString(Register object) {
   test(object, Immediate(kSmiTagMask));
   Assert(not_equal, "Operand is not a string");
   push(object);
   mov(object, FieldOperand(object, HeapObject::kMapOffset));
   CmpInstanceType(object, FIRST_NONSTRING_TYPE);
   pop(object);
   Assert(below, "Operand is not a string");
 }
 
@@ skipping 1829 matching lines @@
   } else {
     CallRuntime(Runtime::kAbort, 2);
   }
   // will not return here
   int3();
 }
 
 
 void MacroAssembler::LoadInstanceDescriptors(Register map,
                                              Register descriptors) {
-  mov(descriptors,
-      FieldOperand(map, Map::kInstanceDescriptorsOrBitField3Offset));
-  Label not_smi;
-  JumpIfNotSmi(descriptors, &not_smi);
+  mov(descriptors, FieldOperand(map,
+                                Map::kInstanceDescriptorsOrBackPointerOffset));
+
+  Label ok, fail;
+  CheckMap(descriptors,
+           isolate()->factory()->fixed_array_map(),
+           &fail,
+           DONT_DO_SMI_CHECK);
+  jmp(&ok);
+  bind(&fail);
   mov(descriptors, isolate()->factory()->empty_descriptor_array());
-  bind(&not_smi);
+  bind(&ok);
+
+  if (emit_debug_code()) {
+    AbortIfNotFixedArray(descriptors);

[Jakob Kummerow, 2012/07/10 12:26:25]

This check is pretty pointless, don't you think? You only get here if you either
just passed the fixed_array_map() check, or after loading
empty_descriptor_array() (which we can probably trust to be a FixedArray; if you
think we can't, an
ASSERT(isolate->factory()->empty_descriptor_array()->IsFixedArray() at
crankshafting time would be quite sufficient).

[Toon Verwaest, 2012/07/10 13:28:28]

Done.

[Toon Verwaest, 2012/07/10 13:28:28]

Done.

+  }
 }
 
 
 void MacroAssembler::LoadPowerOf2(XMMRegister dst,
                                   Register scratch,
                                   int power) {
   ASSERT(is_uintn(power + HeapNumber::kExponentBias,
                   HeapNumber::kExponentBits));
   mov(scratch, Immediate(power + HeapNumber::kExponentBias));
   movd(dst, scratch);
@@ skipping 342 matching lines @@
   // Check that there are no elements.  Register ecx contains the
   // current JS object we've reached through the prototype chain.
   cmp(FieldOperand(ecx, JSObject::kElementsOffset),
       isolate()->factory()->empty_fixed_array());
   j(not_equal, call_runtime);
 
   // Check that instance descriptors are not empty so that we can
   // check for an enum cache.  Leave the map in ebx for the subsequent
   // prototype load.
   mov(ebx, FieldOperand(ecx, HeapObject::kMapOffset));
-  mov(edx, FieldOperand(ebx, Map::kInstanceDescriptorsOrBitField3Offset));
-  JumpIfSmi(edx, call_runtime);
+  mov(edx, FieldOperand(ebx, Map::kInstanceDescriptorsOrBackPointerOffset));
+  CheckMap(edx,
+           isolate()->factory()->fixed_array_map(),
+           call_runtime,
+           DONT_DO_SMI_CHECK);
+
+  if (emit_debug_code()) {
+    AbortIfNotFixedArray(edx);

[Jakob Kummerow, 2012/07/10 12:26:25]

This check is entirely pointless. We just did a map check on edx.

[Toon Verwaest, 2012/07/10 13:28:28]

Done.

[Toon Verwaest, 2012/07/10 13:28:28]

Done.

+  }
 
   // Check that there is an enum cache in the non-empty instance
   // descriptors (edx).  This is the case if the next enumeration
   // index field does not contain a smi.
   mov(edx, FieldOperand(edx, DescriptorArray::kEnumerationIndexOffset));
   JumpIfSmi(edx, call_runtime);
 
   // For all objects but the receiver, check that the cache is empty.
   Label check_prototype;
   cmp(ecx, eax);
   j(equal, &check_prototype, Label::kNear);
   mov(edx, FieldOperand(edx, DescriptorArray::kEnumCacheBridgeCacheOffset));
   cmp(edx, isolate()->factory()->empty_fixed_array());
   j(not_equal, call_runtime);
 
   // Load the prototype from the map and loop if non-null.
   bind(&check_prototype);
   mov(ecx, FieldOperand(ebx, Map::kPrototypeOffset));
   cmp(ecx, isolate()->factory()->null_value());
   j(not_equal, &next);
 }
 
 } }  // namespace v8::internal
 
 #endif  // V8_TARGET_ARCH_IA32